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Abstract: The networks are increasing day by day and their complexity is also increasing every passing second. The 
businesses are going online; the payments are done online. Hence the user wants their data to be highly secured and the 
internet is a public network, no one is safe from threats on the internet, hence the networks must be guarded perfectly so 
that people can trust the internet and they will continue to work online. One of the protective mechanisms under serious 
consideration is the firewall [1]. A firewall secures the network at its entry points, it checks all the traffic which passes 
through the entry point. The allowed IPs are called trusted while disapproved IPs are called untrusted in firewall 
terminologies. This paper provides an overview of firewall types, functionalities, and technologies. 


Index Terms: Firewall technologies, Network Security, Access Control, Security Policy, Firewall Techniques. 
INTRODUCTION 


Nowadays, Internet has become so common and it is used in almost every field. Banking, e-commerce, engineering, 
social studies, research, Information technology, history, etc. [2] Internet has become the most essential part of our lives 
and we cannot even perform our daily routine work without using the internet and its usage and importance are increasing 
every passing second. As there is so much use of the internet, there is a big risk to security because all the banking systems 
are working on the internet, and all the transactions are being made on the internet. So, the network security can never be 
ignored, it has to be highly secured so that more and more users can work freely on the internet. A device that is used for 
the security of the network interface is called Firewall [3]. As well as, the Firewall works better on Computers and other 
communication devices just like routers. Which can protect from the suspicious activity of unwanted users. On the other 
hand, the firewall is a known component or, A System that is placed among two network devices and carries these two 
properties. 


e Public and Private traffic will be passed through firewall policies. 


e In this policy system, approved security can easily allow passing through Firewall settings. 


Whenever we have seen that a firewall cannot change its built-in features. Because firewall known as security barrier 
inside the computer and it is designed for unauthorized accessed or suspicious activity from private network. After that, 
firewall can easily access over the hardware and software where it known as combination of both things [4]. Firewall 
works continuously on computers which are connected over the internet and it protect us from unauthorized activity or 
access. So it stops to other user which are trying to connect without permission [5]. As it is shown that data can travel 
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through internet which is in packet form. Firewall has authority to scan such type of packets and analysis them that those 
packets are right or wrong. Therefore, private and public network have filtered mechanism, where it can be seen through 
traffic passing system and prevent from unauthorized activity. As well as, firewall protect from suspicious activity over 
internet. Such kind of things has been defined in filtering policy [6]. The network administrator can develop the polices 
of firewall and those policies can check step by step to know that those policies are implemented perfectly or not. As it is 
well-known that firewalls mostly connected on first match method that means if first policy has been matched with match 
field of packet transferring, so it can be stopped and removed from the given policy manual. Because all policies make 
the rules for packet moving [7]. Figure 1 shows the firewall schematics and the packet matching involves on field from 
the TCP (Transmission Control Protocol), UDP (User Datagram Protocol) and IP (Internet Protocol) Packet header [8]. 
Some of the categories has been shown below: 


e ~~ Basic-Packet-Filtering 
e = Stateful-Packet-Filtering 


Inside Filter Demilitarized Zone (DMZ) Filter Outside 


Intemal & External 


Gateway Systems 


Fig. 1 Firewall Schematics 
LITERATURE REVIEW 


Recent research shows better understanding and improvement of firewall technologies and functionalities Solicits that: 
Firewalls are one of the most used devices for the safety of the Network, but it has limitations and can be misused by 
hackers. For example, it can protect the network from outside threats but it is not supposed to protect it if the threat/hacker 
is from the inside of the network. Anyhow, it can be used for internal safety but it will eventually decrease the efficiency 
level of the network speed. Firewalls are categorized in different parts which are: 


Packet Filter Firewall 
Application Gateway Firewall 
Stateful Inspection Firewall 
Circuit Level Gateway-Firewall 

e Next-Gen Firewalls 
Whenever we designed Firewall inside the network than it must provide safety against unwanted activity including Denial 
of Services (DoS) attacks. DoS attacks occur when users want to attack their victim and that person can harm their victim 
with their virus or any other soft-type activity using the network. The attacker easily breaks computer security, if the 
firewall is not working as policies has been designed for their network. Similarly, Yue [9] has analyzed the computer 
network security features and the main threat, discussed the firewall technology for domestic and international use, they 
also analyzed the advantages and shortcomings of the firewall device. Likewise, Bishop [10] has also discussed different 
types of attacks users face on the internet. Correspondingly, Greve [11] has discussed the functionalities and mechanisms 
of the firewalls, i.e. Access control, etc. Moreover, Burns [12] has argued about the enhancement of firewall technologies 
for the future. 


In starting days, the Firewall has the ability to filter out the network packets and routing-based protocols. After all, they 
created boundaries inside the network over the world such as connected networks and their secured boundaries within 
networks. These firewalls were effective for small businesses and computers and networks etc. but there was still a risk 
[13]. Of course, attackers don’t stand putting their hands on their hands, many of the advanced attacks can easily destroy 
the Firewall settings: such type of attacking activity in the vulnerability of the application servers. Social engineering 
activity can easily gain access to their inside network through spam emails and such type of website can easily have 
compromised. In this digital world firewall technology can be advanced too. As well as, firewall technology is going too 
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advanced on the basis of OSI layers. Where it can be identified easily and traffic controlled on the basis of user 
applications. If the deep inspection of the threats inside the computer, then it must occur in applications traffic [14]. After 
that, it shifts from ports and protocols where users have a new category which is network protection as well as it called 
like Next-Generation firewalls. It includes deep packet inspections of encrypted and unencrypted traffic of user-based 
policies [15]. As we have noticed the efficiency of advanced firewall products can be operated in a difficult way and their 
weakness/ limitations. If you approved any activity or any message, then the firewall cannot responsible for their loss. 


1. The most important thing in Firewall setting, it cannot stop social engineering attacks which is being accept by 
user, with their approval setting. 


2. Inside network administrative setting firewall cannot be responsible for their poor administrative setting and 
their security policies. 


3. When the amount traffic increase then firewall cannot work or process efficiently. 
4. It may be efficient, when rules are enforced properly as their need. 


Modern Firewalls must: 


1. It shows malicious activity from unwanted resources or any other behavior of records that are collected during 
network connectivity. 


2. Security systems work better; it provides better solutions in modified network architecture and they can 
implement in one operating system so it can easily detect unwanted activity inside the computer. As well as, it 
responds to advance security threats efficiently. 


3. Inside the computer, the usage of dynamic applications which control the new technical service and it manage 
malicious activity which can occur during the usage of unauthorized software. 


4. Threat protection technologies can easily integrate into the full suite any protected software. So the security 
administrator can easily maintain and protect against security issues. 


3. METHODOLOGY 


Firewalls contain policies that are used for security purposes and in network terminologies, we can say Trust/Un-Trust. 
We assign policies for the different networks of IPs through the firewall. Internet is the most un-trusted network because 
anybody can access our network if we assign the internet as a trusted network. Hence, the firewall comes with a built-in 
functionality having the internet marked as an un-trust network. The firewall series has become so advanced nowadays 
as it can perform deep content filtering. Older firewalls were only used to filter a complete IP as a whole, so there was a 
great risk of policy violations because anyone could access under the roof of that particular IP and the firewall couldn’t 
detect the malicious particle. But now, firewalls have advanced a lot. 


1.1. Firewall Architecture 


Firewall Architecture is liable for the standards framework and associated with Sub-Network systems. So it can be divided 
into sub-network systems just IP or TCP which can easily expose those companies which are responsible for it. Figure 2, 
which are a subdivision of an IP or TCP/IP network that exposes the company's services to a larger untrusted network, 
such as the Internet. Let us summarize the different types/technologies of firewalls [16]. 


Packet Filtering Firewall: Also known as static packet filtering. It was the very first firewall that worked on the network 
layer of an OSI model, it examines packet headers which included the IP addresses, ports, and protocols of the source and 
destination [17]. On the basis of these headers, it used to allow or block traffic to pass through it. 


Stateful-inspection Firewall: Also known as Dynamic packet filtering. it had access up to the application layer of an OSI 
model. It was much better in performance than the previous firewall which checked just headers to allow or block the 
traffic. This firewall is used to store information like port numbers, IP addresses, etc. of the visiting network. It records 
information intelligently of both incoming packets and outgoing packets, by using these records the administrator can set 
parameters to meet specific needs [18]. 
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Circuit-level Gateway: These firewalls provided UDP and TCP connection security. It works between the application and 
transport layer of an OSI model and basically works on a session layer of an OSI model [19]. 


Application Gateway: Also known as a proxy firewall. It is an application program that runs on a firewall system. This 
basically creates a secured tunnel between a client and a destination network and when a client or a destination network 
desires to communicate with each other than all the traffic will be passed through this proxy securely. Although this is 
considered as one of the highly secured methods of firewall protection, it requires a large amount of storage and processor 
as compared to other firewalls like static packet firewalls, etc [20]. 


Next-Gen Firewall: These firewalls are the most recent and advanced firewalls in the current era. These are the 3rd 
generation of the firewalls which have gone pass through all the traditional security methods like headers checking, 
port/protocol checking, etc. Instead, it does deep packet inspection, application-level inspection, and Intrusion prevention, 
and also brings intelligence to the outer of the firewall. Most organizations which are having sensitive data are taking 
complete advantage of next-gen firewalls and it is their go-to choice nowadays for securing their network [21]. 


Fig. 2 Shows Network Firewall 


Be it on the intranet of any organization or internet. In both these, there has to be some security device that can be used 
for the security of the organization either from outside networks or from the inside network. A firewall is designed to 
perform this job [22]. However, principally, the philosophy behind a firewall can be thought of as a pair of mechanisms 
such as: 


e = It exists to block traffic 
e = It exists to permit traffic. 


Figure 3, the most important feature of the firewall is that it is at the entry of the network and also at the exit point of the 
network which eventually means that every traffic that comes inside the network will pass through the firewall first and 
also every packet of data that leave the network has to go through the firewall [23]. The logic is simple: a firewall must 
be positioned in a network to control all incoming and outgoing traffic. 


4 


ey 
CableiDSLModem Hardware-Based Firew: 


Personal Computer 


\ a 


Personal Computer 


Internet 


Fig. 3 Illustrate the structure of the Internet 


IPsec 


IPsec (IP SECURITY) is a protocol that was developed for the security of data communication between networks. It has 
two modes of operation, the transport mode, and the tunnel mode. 


IDS and IPS 
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Intrusion Detection Systems (IDS) analyze network traffic for signatures that match known cyberattacks. This system, it 
shows various technical things where cyber-attacks cannot enforce the system. Intrusion Prevention Systems (IPS) also 
analyze packets, but can also stop the packet from being delivered based on what kind of attacks it detects — helping stop 
the attack [24]. 


4. PROPOSED FIREWALL MODEL 


In this model, figure 4 the firewall compares the connection within internet parameters and it matches the call permit. 


Initialize the Firewall 
Wait for the 
Connection 
l Call Block Module 


No { 
Terminate 
Connection 
| Yes 
Read Firewall Policy : aes 
Toble Parmeter Call Permit Module 


Compare Info From 
Header With The Policy 


Fig. 4 Proposed Model for Firewall 


5. CONCLUSION 


This paper examined how the firewall works, and what are different firewall techniques. The paper also gives a brief 
introduction to the types and technologies of firewalls with diagrams and a working packet filtering firewall flowchart. 
Also, this paper concluded that a firewall is no doubt the best device for network security purposes but it has some 
limitations which are mentioned in this paper. This paper also contains reviewed data from some of the previous papers 
related to this topic i.e. firewalls. 
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